Smart Forms <= 2.5.15 – Cross-Site Request Forgery (CSRF)

https://wpvulndb.com/vulnerabilities/9232

FormCraft <= 1.2.1 – Cross-Site Request Forgery (CSRF)

https://wpvulndb.com/vulnerabilities/9231

Contact Form Email <= 1.2.65 – Multiple Cross-Site Scripting (XSS) & CSRF

https://wpvulndb.com/vulnerabilities/9227

Blog2Social <= 5.0.2 – Authenticated Cross-Site Scripting (XSS)

https://wpvulndb.com/vulnerabilities/9225

Quiz And Survey Master – Authenticated Cross-Site Scripting (XSS)

https://wpvulndb.com/vulnerabilities/9224

Fremius Library <= 2.2.3 – Authenticated Option Update

https://wpvulndb.com/vulnerabilities/9223

WordPress 3.7-5.0 (except 4.9.9) – Authenticated Code Execution

https://wpvulndb.com/vulnerabilities/9222

WP Cost Estimation < 9.660 – Upload Directory Traversal

https://wpvulndb.com/vulnerabilities/9220

WP Cost Estimation < 9.644 – Arbitrary File Upload and Delete

https://wpvulndb.com/vulnerabilities/9219

Newspaper Theme <= 9.2.2 – Cross-Site Scripting (XSS)

https://wpvulndb.com/vulnerabilities/9218